package com.aaa.tmr.config;

import com.aaa.tmr.util.BussinessConstants;
import com.aaa.tmr.util.MyCustomRealm;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

/**
 * @author ：Marko
 * @date ：Created in 2021/3/18 21:57
 * @ description ：shiro配置
 * @ modified By：
 * @ version:
 */
@Configuration
public class ShiroConfig {

    /**
     *实例化shiro过滤工厂类
     * @return
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilter(){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager());
        //配置登录失败后，跳转的页面
        shiroFilterFactoryBean.setLoginUrl("/user/toLogin");
        //配置默认页面
        shiroFilterFactoryBean.setSuccessUrl("/backIndex/toIndex");
        //配置未认证页面
        //shiroFilterFactoryBean.setUnauthorizedUrl();
        //实例化时，要保证url地址的有序性，所以一定不能使用hashMap
        // Map ChainDefinitionMap = new HashMap();
        // LinkedHashMap按照放入顺序取加载
        Map ChainDefinitionMap = new LinkedHashMap();
        //配置放行的静态资源，以后有的继续添加
        ChainDefinitionMap.put("/layui/**","anon");
        ChainDefinitionMap.put("/model/**","anon");
        //放行请求路径
        ChainDefinitionMap.put("/user/toLogin","anon");
        ChainDefinitionMap.put("/user/login","anon");
        //登出
        ChainDefinitionMap.put("/logout","logout");
        //配置拦截路径
        ChainDefinitionMap.put("/**","authc");
        //配置放行和拦截的请求路径
        shiroFilterFactoryBean.setFilterChainDefinitionMap(ChainDefinitionMap);
        return shiroFilterFactoryBean;
    }

    /**
     * 实例化securityMananger
     * @return DefaultWebSecurityManager
     */
    @Bean
    public DefaultWebSecurityManager securityManager(){
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(myCustomRealm());
        return defaultWebSecurityManager;
    }

    /**
     *shiro的生命周期交给spring管理
     * @return LifecycleBeanPostProcessor
     */
    @Bean
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor(){
        LifecycleBeanPostProcessor lifecycleBeanPostProcessor = new LifecycleBeanPostProcessor();
        return lifecycleBeanPostProcessor;
    }

    /**
     * 实例化缓存
     * @return
     */
    //@Bean
    public CacheManager cacheManager(){
        CacheManager cacheManager =new EhCacheManager();
        return cacheManager;
    }

    /**
     * description: 安全数据连接器
     * @param
     * @return MyCustomRealm
     * @author Marko
     * @Date 2021/3/19 9:22
     **/
    @Bean
    public MyCustomRealm myCustomRealm(){
        MyCustomRealm myCustomRealm = new MyCustomRealm();
        myCustomRealm.setCredentialsMatcher(credentialsMatcher());
        //配置缓存
        // myCustomRealm.setCacheManager(cacheManager());
        return  myCustomRealm;
    }

    /**
     *配置哈希算法和哈希次数
     * @return HashedCredentialsMatcher
     */
    @Bean
    public HashedCredentialsMatcher credentialsMatcher(){
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
        hashedCredentialsMatcher.setHashAlgorithmName(BussinessConstants.UserCheck.ALGORITHM_NAME);
        hashedCredentialsMatcher.setHashIterations(BussinessConstants.UserCheck.HASH_INTERATOR);
        return hashedCredentialsMatcher;
    }
}
